git.ipfire.org Git - thirdparty/vim.git/commit

author	Christian Brabandt <cb@256bit.org>
	Thu, 26 Oct 2023 20:14:17 +0000 (22:14 +0200)
committer	Christian Brabandt <cb@256bit.org>
	Thu, 26 Oct 2023 20:24:17 +0000 (22:24 +0200)
commit	6b89dd6a7257a1e2e9c7ea070b407bc4674a5118
tree	c04f43bba60348bbd22f3d1b719987f47028bf1e	tree
parent	67ec6553839f070cd4cc8effa26a9db1750e17b6	commit \| diff

patch 9.0.2070: [security] disallow setting env in restricted mode

Problem: [security] disallow setting env in restricted mode
Solution: Setting environment variables in restricted mode could
potentially be used to execute shell commands. Disallow this.

restricted mode: disable allow setting of environment variables

Setting environment variables in restricted mode, may have some unwanted
consequences. So, for example by setting $GCONV_PATH in restricted mode
and then calling the iconv() function, one may be able to execute some
unwanted payload, because the `iconv_open()` function internally uses
the `$GCONV_PATH` variable to find its conversion data.

So let's disable setting environment variables, even so this is no
complete protection, since we are not clearing the existing environment.
I tried a few ways but wasn't successful :(

One could also argue to disable the iconv() function completely in
restricted mode, but who knows what other API functions can be
influenced by setting some other unrelated environment variables.
So let's leave it as it is currently.

closes: #13394
See: https://huntr.com/bounties/b0a2eda1-459c-4e36-98e6-0cc7d7faccfe/

Signed-off-by: Christian Brabandt <cb@256bit.org>

runtime/doc/starting.txt		diff \| blob \| blame \| history
src/evalfunc.c		diff \| blob \| blame \| history
src/version.c		diff \| blob \| blame \| history